Add save load test for tls13

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Jerry Yu 2022-07-15 13:05:57 +08:00
parent a180f99a55
commit f092629997
2 changed files with 77 additions and 43 deletions


@ -3201,27 +3201,43 @@ ssl_tls_prf:MBEDTLS_SSL_TLS_PRF_SHA256:"1234567890abcdef1234567890abcdef12345678
Session serialization, save-load: no ticket, no cert
depends_on:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:0:""
ssl_serialize_session_save_load:0:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
Session serialization, save-load: small ticket, no cert
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:42:""
ssl_serialize_session_save_load:42:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
Session serialization, save-load: large ticket, no cert
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:1023:""
ssl_serialize_session_save_load:1023:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
Session serialization, save-load: no ticket, cert
depends_on:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:0:"data_files/server5.crt"
ssl_serialize_session_save_load:0:"data_files/server5.crt":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
Session serialization, save-load: small ticket, cert
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:42:"data_files/server5.crt"
ssl_serialize_session_save_load:42:"data_files/server5.crt":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
Session serialization, save-load: large ticket, cert
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_FS_IO:MBEDTLS_SSL_PROTO_TLS1_2
ssl_serialize_session_save_load:1023:"data_files/server5.crt"
ssl_serialize_session_save_load:1023:"data_files/server5.crt":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_2
TLS 1.3: CLI: Session serialization, save-load: no ticket
depends_on:MBEDTLS_SSL_PROTO_TLS1_3
ssl_serialize_session_save_load:0:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3
TLS 1.3: CLI: Session serialization, save-load: small ticket
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_3
ssl_serialize_session_save_load:42:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3
TLS 1.3: CLI: Session serialization, save-load: large ticket
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_3
ssl_serialize_session_save_load:1023:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3
TLS 1.3: SRV: Session serialization, save-load: large ticket
depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_PROTO_TLS1_3
ssl_serialize_session_save_load:1023:"":MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3
Session serialization, load-save: no ticket, no cert
depends_on:MBEDTLS_SSL_PROTO_TLS1_2
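Review bot: The ticket lengths 42 and 1023 in the `TLS 1.3: CLI` small/large-ticket cases and in the `TLS 1.3: SRV` large-ticket case do not reach the session under test, because the TLS 1.3 branch of the test function in this commit calls `ssl_tls13_populate_session( &original, 0, endpoint_type )` with a literal 0. Assuming that second argument is the ticket length, these cases serialize the same data as the `no ticket` case and differ only in their `depends_on` lines. Passing the parameter through, `&original, ticket_len, endpoint_type ) == 0 );`, would make the case names match what is tested; otherwise the redundant cases are better dropped or renamed.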


@ -4670,7 +4670,8 @@ exit:
/* END_CASE */
/* BEGIN_CASE */
void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
void ssl_serialize_session_save_load( int ticket_len, char *crt_file,
int endpoint_type, int tls_version )
{
mbedtls_ssl_session original, restored;
unsigned char *buf = NULL;
@ -4684,7 +4685,20 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
mbedtls_ssl_session_init( &restored );
/* Prepare a dummy session to work on */
TEST_ASSERT( ssl_tls12_populate_session( &original, ticket_len, crt_file ) == 0 );
((void) endpoint_type);
((void) tls_version);
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if(tls_version == MBEDTLS_SSL_VERSION_TLS1_3)
{
TEST_ASSERT( ssl_tls13_populate_session(
&original, 0, endpoint_type ) == 0 );
}
else
#endif
{
TEST_ASSERT( ssl_tls12_populate_session(
&original, ticket_len, crt_file ) == 0 );
}
/* Serialize it */
TEST_ASSERT( mbedtls_ssl_session_save( &original, NULL, 0, &len )
@ -4704,42 +4718,54 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
#endif
TEST_ASSERT( original.tls_version == restored.tls_version );
TEST_ASSERT( original.ciphersuite == restored.ciphersuite );
TEST_ASSERT( original.compression == restored.compression );
TEST_ASSERT( original.id_len == restored.id_len );
TEST_ASSERT( memcmp( original.id,
restored.id, sizeof( original.id ) ) == 0 );
TEST_ASSERT( memcmp( original.master,
restored.master, sizeof( original.master ) ) == 0 );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( tls_version == MBEDTLS_SSL_VERSION_TLS1_2 )
{
TEST_ASSERT( original.compression == restored.compression );
TEST_ASSERT( original.id_len == restored.id_len );
TEST_ASSERT( memcmp( original.id,
restored.id, sizeof( original.id ) ) == 0 );
TEST_ASSERT( memcmp( original.master,
restored.master, sizeof( original.master ) ) == 0 );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
TEST_ASSERT( ( original.peer_cert == NULL ) ==
( restored.peer_cert == NULL ) );
if( original.peer_cert != NULL )
{
TEST_ASSERT( original.peer_cert->raw.len ==
restored.peer_cert->raw.len );
TEST_ASSERT( memcmp( original.peer_cert->raw.p,
restored.peer_cert->raw.p,
original.peer_cert->raw.len ) == 0 );
}
if( original.peer_cert != NULL )
{
TEST_ASSERT( original.peer_cert->raw.len ==
restored.peer_cert->raw.len );
TEST_ASSERT( memcmp( original.peer_cert->raw.p,
restored.peer_cert->raw.p,
original.peer_cert->raw.len ) == 0 );
}
#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
TEST_ASSERT( original.peer_cert_digest_type ==
restored.peer_cert_digest_type );
TEST_ASSERT( original.peer_cert_digest_len ==
restored.peer_cert_digest_len );
TEST_ASSERT( ( original.peer_cert_digest == NULL ) ==
( restored.peer_cert_digest == NULL ) );
if( original.peer_cert_digest != NULL )
{
TEST_ASSERT( memcmp( original.peer_cert_digest,
restored.peer_cert_digest,
original.peer_cert_digest_len ) == 0 );
}
TEST_ASSERT( original.peer_cert_digest_type ==
restored.peer_cert_digest_type );
TEST_ASSERT( original.peer_cert_digest_len ==
restored.peer_cert_digest_len );
TEST_ASSERT( ( original.peer_cert_digest == NULL ) ==
( restored.peer_cert_digest == NULL ) );
if( original.peer_cert_digest != NULL )
{
TEST_ASSERT( memcmp( original.peer_cert_digest,
restored.peer_cert_digest,
original.peer_cert_digest_len ) == 0 );
}
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
TEST_ASSERT( original.verify_result == restored.verify_result );
TEST_ASSERT( original.verify_result == restored.verify_result );
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
TEST_ASSERT( original.mfl_code == restored.mfl_code );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
#endif
}
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
TEST_ASSERT( original.ticket_len == restored.ticket_len );
if( original.ticket_len != 0 )
@ -4752,14 +4778,6 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file )
TEST_ASSERT( original.ticket_lifetime == restored.ticket_lifetime );
#endif
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
TEST_ASSERT( original.mfl_code == restored.mfl_code );
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
TEST_ASSERT( original.encrypt_then_mac == restored.encrypt_then_mac );
#endif
exit:
mbedtls_ssl_session_free( &original );
mbedtls_ssl_session_free( &restored );
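Review bot: For a TLS 1.3 session the round-trip check is thin: the comparisons of `id`, `master`, the peer certificate, `verify_result`, `mfl_code` and `encrypt_then_mac` now sit inside `if( tls_version == MBEDTLS_SSL_VERSION_TLS1_2 )` and no TLS 1.3 counterpart is added, so the asserts visible here reduce to `tls_version`, `ciphersuite` and, on a client built with tickets, the ticket fields. A serializer that dropped or corrupted the resumption secret on save or load would still pass the new cases. A TLS 1.3 block comparing the fields that `ssl_tls13_populate_session` sets is proposed below; the field names and their compile-time guards come from the Mbed TLS session structure rather than from this page and should be checked against the helper. The function body starts before and ends after the hunks shown.

```c
/* … unchanged: TLS 1.2-only comparisons under MBEDTLS_SSL_PROTO_TLS1_2 … */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
    /* Field names/guards to be confirmed against ssl_tls13_populate_session. */
    if( tls_version == MBEDTLS_SSL_VERSION_TLS1_3 )
    {
        TEST_ASSERT( original.endpoint == restored.endpoint );
        TEST_ASSERT( original.ticket_age_add == restored.ticket_age_add );
        TEST_ASSERT( original.ticket_flags == restored.ticket_flags );
        TEST_ASSERT( original.resumption_key_len ==
                     restored.resumption_key_len );
        TEST_ASSERT( memcmp( original.resumption_key,
                             restored.resumption_key,
                             original.resumption_key_len ) == 0 );
    }
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* … unchanged: ticket comparisons under MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C … */
```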